use of com.sun.identity.saml2.plugins.SPAuthnContextMapper in project OpenAM by OpenRock.
the class SPSSOFederate method createReqAuthnContext.
/* Creates RequestedAuthnContext Object */
private static RequestedAuthnContext createReqAuthnContext(String realmName, String spEntityID, Map paramsMap, Map spConfigMap) {
RequestedAuthnContext reqCtx = null;
String className = null;
if ((spConfigMap != null) && (!spConfigMap.isEmpty())) {
List listVal = (List) spConfigMap.get(SAML2Constants.SP_AUTHCONTEXT_MAPPER);
if (listVal != null && listVal.size() != 0) {
className = ((String) listVal.iterator().next()).trim();
}
}
SPAuthnContextMapper spAuthnContextMapper = SAML2Utils.getSPAuthnContextMapper(realmName, spEntityID, className);
try {
reqCtx = spAuthnContextMapper.getRequestedAuthnContext(realmName, spEntityID, paramsMap);
} catch (SAML2Exception e) {
if (SAML2Utils.debug.messageEnabled()) {
SAML2Utils.debug.message("SPSSOFederate:Error creating " + "RequestedAuthnContext", e);
}
}
return reqCtx;
}
use of com.sun.identity.saml2.plugins.SPAuthnContextMapper in project OpenAM by OpenRock.
the class SAML2Utils method fillMap.
private static Map fillMap(final List authnStmts, final Subject subject, final Assertion assertion, final List assertions, final AuthnRequestInfo reqInfo, final String inRespToResp, final String orgName, final String hostEntityId, final String idpEntityId, final SPSSOConfigElement spConfig, final Date notOnOrAfterTime) throws SAML2Exception {
// use the first AuthnStmt
AuthnStatement authnStmt = (AuthnStatement) authnStmts.get(0);
int authLevel = -1;
String mapperClass = getAttributeValueFromSPSSOConfig(spConfig, SAML2Constants.SP_AUTHCONTEXT_MAPPER);
SPAuthnContextMapper mapper = getSPAuthnContextMapper(orgName, hostEntityId, mapperClass);
RequestedAuthnContext reqContext = null;
AuthnRequest authnRequest = null;
if (reqInfo != null) {
reqContext = (reqInfo.getAuthnRequest()).getRequestedAuthnContext();
authnRequest = reqInfo.getAuthnRequest();
}
authLevel = mapper.getAuthLevel(reqContext, authnStmt.getAuthnContext(), orgName, hostEntityId, idpEntityId);
String sessionIndex = authnStmt.getSessionIndex();
Date sessionNotOnOrAfter = authnStmt.getSessionNotOnOrAfter();
Map smap = new HashMap();
smap.put(SAML2Constants.SUBJECT, subject);
smap.put(SAML2Constants.POST_ASSERTION, assertion);
smap.put(SAML2Constants.ASSERTIONS, assertions);
if (authnRequest != null) {
smap.put(SAML2Constants.AUTHN_REQUEST, authnRequest);
}
String[] data = { assertion.getID(), "", "" };
if (LogUtil.isAccessLoggable(Level.FINE)) {
data[1] = subject.toXMLString();
}
if (sessionIndex != null && sessionIndex.length() != 0) {
data[2] = sessionIndex;
smap.put(SAML2Constants.SESSION_INDEX, sessionIndex);
}
if (authLevel >= 0) {
smap.put(SAML2Constants.AUTH_LEVEL, new Integer(authLevel));
}
// SessionNotOnOrAfter
if (sessionNotOnOrAfter != null) {
long maxSessionTime = (sessionNotOnOrAfter.getTime() - System.currentTimeMillis()) / 60000;
if (maxSessionTime > 0) {
smap.put(SAML2Constants.MAX_SESSION_TIME, new Long(maxSessionTime));
}
}
if (inRespToResp != null && inRespToResp.length() != 0) {
smap.put(SAML2Constants.IN_RESPONSE_TO, inRespToResp);
}
if (debug.messageEnabled()) {
debug.message("SAML2Utils.fillMap: Found valid authentication " + "assertion.");
}
if (notOnOrAfterTime != null) {
smap.put(SAML2Constants.NOTONORAFTER, new Long(notOnOrAfterTime.getTime()));
}
LogUtil.access(Level.INFO, LogUtil.FOUND_AUTHN_ASSERTION, data, null);
return smap;
}
use of com.sun.identity.saml2.plugins.SPAuthnContextMapper in project OpenAM by OpenRock.
the class SAML2Utils method getSPAuthnContextMapper.
/**
* Returns the Service Provider AuthnContext Mapper Object.
*
* @param authnCtxClassName Service Provider AuthnContext Mapper Class Name.
* @return SPAuthnContextMapper Object.
*/
public static SPAuthnContextMapper getSPAuthnContextMapper(String realm, String hostEntityID, String authnCtxClassName) {
SPAuthnContextMapper spAuthnCtx = (SPAuthnContextMapper) SPCache.authCtxObjHash.get(hostEntityID + "|" + realm);
if (debug.messageEnabled()) {
debug.message("AuthContext Class Name is :" + authnCtxClassName);
}
if ((spAuthnCtx == null) && ((authnCtxClassName != null) && (authnCtxClassName.length() != 0))) {
try {
spAuthnCtx = (SPAuthnContextMapper) Class.forName(authnCtxClassName).newInstance();
SPCache.authCtxObjHash.put(hostEntityID + "|" + realm, spAuthnCtx);
} catch (ClassNotFoundException ce) {
if (debug.messageEnabled()) {
debug.message("SAML2Utils: Mapper not configured" + " using Default AuthnContext Mapper");
}
} catch (InstantiationException ie) {
if (debug.messageEnabled()) {
debug.message("SAML2Utils: Instantiation ");
debug.message("SAML2Utils:Error instantiating : " + " using Default AuthnContext Mapper");
}
} catch (IllegalAccessException iae) {
if (debug.messageEnabled()) {
debug.message("SAML2Utils: illegalaccess");
debug.message("SAML2Utils:Error : " + " using Default AuthnContext Mapper");
}
} catch (Exception e) {
if (debug.messageEnabled()) {
debug.message("SAML2Utils:Error : " + " using Default AuthnContext Mapper");
}
}
}
if (spAuthnCtx == null) {
spAuthnCtx = new DefaultSPAuthnContextMapper();
SPCache.authCtxObjHash.put(hostEntityID + "|" + realm, spAuthnCtx);
}
return spAuthnCtx;
}
Aggregations